The present invention relates to computer security, and more specifically, to permissions required to access a data service.
As the development of cloud-based applications continues to proliferate, so too does the concern over secure access to data. Indeed, data security is a high priority for those developing cloud-based applications. There are, however, a number of myths concerning data security that too often are believed by application developers. One myth, for example, is that hackers cause most security breaches. In reality, 80% of data loss is caused by insiders. Another myth is that encryption, in and of itself, is a solution to securing data. Strong security measures, however, also require access control, data integrity, system availability and auditing. Another myth is that firewalls make data secure, although large percentage of Internet break-ins occur in spite of a firewall being in place. Moreover, the use of firewalls adds a level of complexity that is not always convenient for certain types of application deployment scenarios, for example when an application is being made available for use to large numbers of users.